[twitter-dev] OAuth Authentication Authorization interchangeability?
Hi, Our site offers cross-site logins using Twitter's authentication oauth url, and also has post-to-twitter functionality using the authorization url. To what extent are the tokens obtained from either of these interchangeable? It seems like I can use an authentication token to post tweets, for example. Is this guaranteed to stay like this, or must I get both authentication authorization if I want to log a user in from their twitter account, and also post stuff to their twitter account? -Jonathan -- Twitter developer documentation and resources: http://dev.twitter.com/doc API updates via Twitter: http://twitter.com/twitterapi Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list Change your membership to this group: http://groups.google.com/group/twitter-development-talk?hl=en
Re: [twitter-dev] OAuth Authentication Authorization interchangeability?
On 9/2/10 8:24 PM, Jonathan del Strother wrote: Hi, Our site offers cross-site logins using Twitter's authentication oauth url, and also has post-to-twitter functionality using the authorization url. To what extent are the tokens obtained from either of these interchangeable? It seems like I can use an authentication token to post tweets, for example. Is this guaranteed to stay like this, or must I get both authentication authorization if I want to log a user in from their twitter account, and also post stuff to their twitter account? -Jonathan Hi Jonathan, Not 100% sure what you mean, but if you are talking about the difference between /oauth/authenticate and /oauth/authorize, then don't worry, tokens are tokens :-) Tom -- Twitter developer documentation and resources: http://dev.twitter.com/doc API updates via Twitter: http://twitter.com/twitterapi Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list Change your membership to this group: http://groups.google.com/group/twitter-development-talk?hl=en
Re: [twitter-dev] OAuth Authentication Authorization interchangeability?
The tokens you get back from authenticate and authorize are permanent and do not expire. They will continue to work unless the user revokes your application, you regenerate your applications consumer key/secret, or your application is deleted or suspended. The tokens you get back will be the same from /authenticate and /authorize so long as none of the conditions above occur. Hope that helps, Matt On Thu, Sep 2, 2010 at 1:39 PM, Tom van der Woerdt i...@tvdw.eu wrote: On 9/2/10 8:24 PM, Jonathan del Strother wrote: Hi, Our site offers cross-site logins using Twitter's authentication oauth url, and also has post-to-twitter functionality using the authorization url. To what extent are the tokens obtained from either of these interchangeable? It seems like I can use an authentication token to post tweets, for example. Is this guaranteed to stay like this, or must I get both authentication authorization if I want to log a user in from their twitter account, and also post stuff to their twitter account? -Jonathan Hi Jonathan, Not 100% sure what you mean, but if you are talking about the difference between /oauth/authenticate and /oauth/authorize, then don't worry, tokens are tokens :-) Tom -- Twitter developer documentation and resources: http://dev.twitter.com/doc API updates via Twitter: http://twitter.com/twitterapi Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list Change your membership to this group: http://groups.google.com/group/twitter-development-talk?hl=en -- Matt Harris Developer Advocate, Twitter http://twitter.com/themattharris -- Twitter developer documentation and resources: http://dev.twitter.com/doc API updates via Twitter: http://twitter.com/twitterapi Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list Change your membership to this group: http://groups.google.com/group/twitter-development-talk?hl=en